ÿØÿàJFIFÿþ ÿÛC       ÿÛC ÿÀÿÄÿÄ"#QrÿÄÿÄ&1!A"2qQaáÿÚ ?Øy,æ/3JæݹÈ߲؋5êXw²±ÉyˆR”¾I0ó2—PI¾IÌÚiMö¯–þrìN&"KgX:Šíµ•nTJnLK„…@!‰-ý ùúmë;ºgµŒ&ó±hw’¯Õ@”Ü— 9ñ-ë.²1<yà‚¹ïQÐU„ہ?.’¦èûbß±©Ö«Âw*VŒ) `$‰bØԟ’ëXÖ-ËTÜíGÚ3ð«g Ÿ§¯—Jx„–’U/ÂÅv_s(Hÿ@TñJÑãõçn­‚!ÈgfbÓc­:él[ðQe 9ÀPLbÃãCµm[5¿ç'ªjglå‡Ûí_§Úõl-;"PkÞÞÁQâ¼_Ñ^¢SŸx?"¸¦ùY騐ÒOÈ q’`~~ÚtËU¹CڒêV  I1Áß_ÿÙ |Jc@sdZddlmZddlZddlZddlmZddlmZmZddlm Z m Z m Z m Z m Z ddlmZmZmZmZddlmZmZdd lmZmZdd lmZmZdd lmZmZmZdd lmZmZdd lmZmZddlmZm Z ddlm!Z!m"Z"m#Z#ddlm$Z$m%Z%ddl&m'Z'dZ(dZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3de'fdYZ4de'fdYZ5d e'fd!YZ6d"fd#YZ7d$e'e7fd%YZ8d&e'e7fd'YZ9d(e'fd)YZ:ej;d*Z<ej;d+Z=d,Z>d-Z?d.Z@d/e'fd0YZAd1e'fd2YZBd3e'fd4YZCeDd5krendS(6s# Unit tests for L{OpenSSL.crypto}. i(tmainN(tpopen2(tdatetimet timedelta(tTYPE_RSAtTYPE_DSAtErrortPKeytPKeyType(tX509tX509TypetX509Namet X509NameType(tX509Reqt X509ReqType(t X509ExtensiontX509ExtensionType(tload_certificatetload_privatekey(t FILETYPE_PEMt FILETYPE_ASN1t FILETYPE_TEXT(tdump_certificatetload_certificate_request(tdump_certificate_requesttdump_privatekey(t PKCS7Typetload_pkcs7_data(t PKCS12Typet load_pkcs12tPKCS12(t NetscapeSPKItNetscapeSPKIType(tTestCases2-----BEGIN CERTIFICATE----- MIIC7TCCAlagAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE BhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdU ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwIhgPMjAwOTAzMjUxMjM2 NThaGA8yMDE3MDYxMTEyMzY1OFowWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklM MRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdUZXN0aW5nMRgwFgYDVQQDEw9U ZXN0aW5nIFJvb3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPmaQumL urpE527uSEHdL1pqcDRmWzu+98Y6YHzT/J7KWEamyMCNZ6fRW1JCR782UQ8a07fy 2xXsKy4WdKaxyG8CcatwmXvpvRQ44dSANMihHELpANTdyVp6DCysED6wkQFurHlF 1dshEaJw8b/ypDhmbVIo6Ci1xvCJqivbLFnbAgMBAAGjgbswgbgwHQYDVR0OBBYE FINVdy1eIfFJDAkk51QJEo3IfgSuMIGIBgNVHSMEgYAwfoAUg1V3LV4h8UkMCSTn VAkSjch+BK6hXKRaMFgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UE BxMHQ2hpY2FnbzEQMA4GA1UEChMHVGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBS b290IENBggg9DMTgxt659DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GB AGGCDazMJGoWNBpc03u6+smc95dEead2KlZXBATOdFT1VesY3+nUOqZhEhTGlDMi hkgaZnzoIq/Uamidegk4hirsCT/R+6vsKAAxNTcBjUeZjlykCJWy5ojShGftXIKY w/njVbKMXrvc83qmTdGl3TAM0fxQIpqgcglFLveEBgzn -----END CERTIFICATE----- sw-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQD5mkLpi7q6ROdu7khB3S9aanA0Zls7vvfGOmB80/yeylhGpsjA jWen0VtSQke/NlEPGtO38tsV7CsuFnSmschvAnGrcJl76b0UOOHUgDTIoRxC6QDU 3claegwsrBA+sJEBbqx5RdXbIRGicPG/8qQ4Zm1SKOgotcbwiaor2yxZ2wIDAQAB AoGBAPCgMpmLxzwDaUmcFbTJUvlLW1hoxNNYSu2jIZm1k/hRAcE60JYwvBkgz3UB yMEh0AtLxYe0bFk6EHah11tMUPgscbCq73snJ++8koUw+csk22G65hOs51bVb7Aa 6JBe67oLzdtvgCUFAA2qfrKzWRZzAdhUirQUZgySZk+Xq1pBAkEA/kZG0A6roTSM BVnx7LnPfsycKUsTumorpXiylZJjTi9XtmzxhrYN6wgZlDOOwOLgSQhszGpxVoMD u3gByT1b2QJBAPtL3mSKdvwRu/+40zaZLwvSJRxaj0mcE4BJOS6Oqs/hS1xRlrNk PpQ7WJ4yM6ZOLnXzm2mKyxm50Mv64109FtMCQQDOqS2KkjHaLowTGVxwC0DijMfr I9Lf8sSQk32J5VWCySWf5gGTfEnpmUa41gKTMJIbqZZLucNuDcOtzUaeWZlZAkA8 ttXigLnCqR486JDPTi9ZscoZkZ+w7y6e/hH8t6d5Vjt48JVyfjPIaJY+km58LcN3 6AWSeGAdtRFHVzR7oHjVAkB4hutvxiOeiIVQNBhM6RSI9aBPMI21DoX2JRoxvNW2 cbvAhow217X9V0dVerEOKxnNYspXRrh36h7k4mQA+sDq -----END RSA PRIVATE KEY----- s*-----BEGIN CERTIFICATE----- MIICKDCCAZGgAwIBAgIJAJn/HpR21r/8MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV BAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEQMA4GA1UEChMH VGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBSb290IENBMCIYDzIwMDkwMzI1MTIz NzUzWhgPMjAxNzA2MTExMjM3NTNaMBgxFjAUBgNVBAMTDWxvdmVseSBzZXJ2ZXIw gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL6m+G653V0tpBC/OKl22VxOi2Cv lK4TYu9LHSDP9uDVTe7V5D5Tl6qzFoRRx5pfmnkqT5B+W9byp2NU3FC5hLm5zSAr b45meUhjEJ/ifkZgbNUjHdBIGP9MAQUHZa5WKdkGIJvGAvs8UzUqlr4TBWQIB24+ lJ+Ukk/CRgasrYwdAgMBAAGjNjA0MB0GA1UdDgQWBBS4kC7Ij0W1TZXZqXQFAM2e gKEG2DATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQUFAAOBgQBh30Li dJ+NlxIOx5343WqIBka3UbsOb2kxWrbkVCrvRapCMLCASO4FqiKWM+L0VDBprqIp 2mgpFQ6FHpoIENGvJhdEKpptQ5i7KaGhnDNTfdy3x1+h852G99f1iyj0RmbuFcM8 uzujnS8YXWvM7DM1Ilozk4MzPug8jzFp5uhKCQ== -----END CERTIFICATE----- sw-----BEGIN RSA PRIVATE KEY----- MIICWwIBAAKBgQC+pvhuud1dLaQQvzipdtlcTotgr5SuE2LvSx0gz/bg1U3u1eQ+ U5eqsxaEUceaX5p5Kk+QflvW8qdjVNxQuYS5uc0gK2+OZnlIYxCf4n5GYGzVIx3Q SBj/TAEFB2WuVinZBiCbxgL7PFM1Kpa+EwVkCAduPpSflJJPwkYGrK2MHQIDAQAB AoGAbwuZ0AR6JveahBaczjfnSpiFHf+mve2UxoQdpyr6ROJ4zg/PLW5K/KXrC48G j6f3tXMrfKHcpEoZrQWUfYBRCUsGD5DCazEhD8zlxEHahIsqpwA0WWssJA2VOLEN j6DuV2pCFbw67rfTBkTSo32ahfXxEKev5KswZk0JIzH3ooECQQDgzS9AI89h0gs8 Dt+1m11Rzqo3vZML7ZIyGApUzVan+a7hbc33nbGRkAXjHaUBJO31it/H6dTO+uwX msWwNG5ZAkEA2RyFKs5xR5USTFaKLWCgpH/ydV96KPOpBND7TKQx62snDenFNNbn FwwOhpahld+vqhYk+pfuWWUpQciE+Bu7ZQJASjfT4sQv4qbbKK/scePicnDdx9th 4e1EeB9xwb+tXXXUo/6Bor/AcUNwfiQ6Zt9PZOK9sR3lMZSsP7rMi7kzuQJABie6 1sXXjFH7nNJvRG4S39cIxq8YRYTy68II/dlB2QzGpKxV/POCxbJ/zu0CU79tuYK7 NaeNCFfH3aeTrX0LyQJAMBWjWmeKM2G2sCExheeQK0ROnaBC8itCECD4Jsve4nqf r50+LF74iLXFwqysVCebPKMOpDWp/qQ1BbJQIPs7/A== -----END RSA PRIVATE KEY----- s&-----BEGIN CERTIFICATE----- MIICJjCCAY+gAwIBAgIJAKxpFI5lODkjMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV BAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEQMA4GA1UEChMH VGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBSb290IENBMCIYDzIwMDkwMzI1MTIz ODA1WhgPMjAxNzA2MTExMjM4MDVaMBYxFDASBgNVBAMTC3VnbHkgY2xpZW50MIGf MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAZh/SRtNm5ntMT4qb6YzEpTroMlq2 rn+GrRHRiZ+xkCw/CGNhbtPir7/QxaUj26BSmQrHw1bGKEbPsWiW7bdXSespl+xK iku4G/KvnnmWdeJHqsiXeUZtqurMELcPQAw9xPHEuhqqUJvvEoMTsnCEqGM+7Dtb oCRajYyHfluARQIDAQABozYwNDAdBgNVHQ4EFgQUNQB+qkaOaEVecf1J3TTUtAff 0fAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQADgYEAyv/Jh7gM Q3OHvmsFEEvRI+hsW8y66zK4K5de239Y44iZrFYkt7Q5nBPMEWDj4F2hLYWL/qtI 9Zdr0U4UDCU9SmmGYh4o7R4TZ5pGFvBYvjhHbkSFYFQXZxKUi+WUxplP6I0wr2KJ PSTJCjJOn3xo2NTKRgV1gaoTf2EhL+RG8TQ= -----END CERTIFICATE----- s{-----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDAZh/SRtNm5ntMT4qb6YzEpTroMlq2rn+GrRHRiZ+xkCw/CGNh btPir7/QxaUj26BSmQrHw1bGKEbPsWiW7bdXSespl+xKiku4G/KvnnmWdeJHqsiX eUZtqurMELcPQAw9xPHEuhqqUJvvEoMTsnCEqGM+7DtboCRajYyHfluARQIDAQAB AoGATkZ+NceY5Glqyl4mD06SdcKfV65814vg2EL7V9t8+/mi9rYL8KztSXGlQWPX zuHgtRoMl78yQ4ZJYOBVo+nsx8KZNRCEBlE19bamSbQLCeQMenWnpeYyQUZ908gF h6L9qsFVJepgA9RDgAjyDoS5CaWCdCCPCH2lDkdcqC54SVUCQQDseuduc4wi8h4t V8AahUn9fn9gYfhoNuM0gdguTA0nPLVWz4hy1yJiWYQe0H7NLNNTmCKiLQaJpAbb TC6vE8C7AkEA0Ee8CMJUc20BnGEmxwgWcVuqFWaKCo8jTH1X38FlATUsyR3krjW2 dL3yDD9NwHxsYP7nTKp/U8MV7U9IBn4y/wJBAJl7H0/BcLeRmuJk7IqJ7b635iYB D/9beFUw3MUXmQXZUfyYz39xf6CDZsu1GEdEC5haykeln3Of4M9d/4Kj+FcCQQCY si6xwT7GzMDkk/ko684AV3KPc/h6G0yGtFIrMg7J3uExpR/VdH2KgwMkZXisSMvw JJEQjOMCVsEJlRk54WWjAkEAzoZNH6UhDdBK5F38rVt/y4SEHgbSfJHIAmPS32Kq f6GGcfNpip0Uk7q7udTKuX7Q/buZi/C4YW7u3VKAquv9NA== -----END RSA PRIVATE KEY----- s-----BEGIN CERTIFICATE REQUEST----- MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQH EwdDaGljYWdvMRcwFQYDVQQKEw5NeSBDb21wYW55IEx0ZDEXMBUGA1UEAxMORnJl ZGVyaWNrIERlYW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANp6Y17WzKSw BsUWkXdqg6tnXy8H8hA1msCMWpc+/2KJ4mbv5NyD6UD+/SqagQqulPbF/DFea9nA E0zhmHJELcM8gUTIlXv/cgDWnmK4xj8YkjVUiCdqKRAKeuzLG1pGmwwF5lGeJpXN xQn5ecR0UYSOWj6TTGXB9VyUMQzCClcBAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB gQAAJGuF/R/GGbeC7FbFW+aJgr9ee0Xbl6nlhu7pTe67k+iiKT2dsl2ti68MVTnu Vrb3HUNqOkiwsJf6kCtq5oPn3QVYzTa76Dt2y3Rtzv6boRSlmlfrgS92GNma8JfR oICQk3nAudi6zl1Dix3BCv1pUp5KMtGn3MeDEi6QFGy2rA== -----END CERTIFICATE REQUEST----- s-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,9573604A18579E9E SHOho56WxDkT0ht10UTeKc0F5u8cqIa01kzFAmETw0MAs8ezYtK15NPdCXUm3X/2 a17G7LSF5bkxOgZ7vpXyMzun/owrj7CzvLxyncyEFZWvtvzaAhPhvTJtTIB3kf8B 8+qRcpTGK7NgXEgYBW5bj1y4qZkD4zCL9o9NQzsKI3Ie8i0239jsDOWR38AxjXBH mGwAQ4Z6ZN5dnmM4fhMIWsmFf19sNyAML4gHenQCHhmXbjXeVq47aC2ProInJbrm +00TcisbAQ40V9aehVbcDKtS4ZbMVDwncAjpXpcncC54G76N6j7F7wL7L/FuXa3A fvSVy9n2VfF/pJ3kYSflLHH2G/DFxjF7dl0GxhKPxJjp3IJi9VtuvmN9R2jZWLQF tfC8dXgy/P9CfFQhlinqBTEwgH0oZ/d4k4NVFDSdEMaSdmBAjlHpc+Vfdty3HVnV rKXj//wslsFNm9kIwJGIgKUa/n2jsOiydrsk1mgH7SmNCb3YHgZhbbnq0qLat/HC gHDt3FHpNQ31QzzL3yrenFB2L9osIsnRsDTPFNi4RX4SpDgNroxOQmyzCCV6H+d4 o1mcnNiZSdxLZxVKccq0AfRpHqpPAFnJcQHP6xyT9MZp6fBa0XkxDnt9kNU8H3Qw 7SJWZ69VXjBUzMlQViLuaWMgTnL+ZVyFZf9hTF7U/ef4HMLMAVNdiaGG+G+AjCV/ MbzjS007Oe4qqBnCWaFPSnJX6uLApeTbqAxAeyCql56ULW5x6vDMNC3dwjvS/CEh 11n8RkgFIQA0AhuKSIg3CbuartRsJnWOLwgLTzsrKYL4yRog1RJrtw== -----END RSA PRIVATE KEY----- tfoobars-----BEGIN PKCS7----- MIIDNwYJKoZIhvcNAQcCoIIDKDCCAyQCAQExADALBgkqhkiG9w0BBwGgggMKMIID BjCCAm+gAwIBAgIBATANBgkqhkiG9w0BAQQFADB7MQswCQYDVQQGEwJTRzERMA8G A1UEChMITTJDcnlwdG8xFDASBgNVBAsTC00yQ3J5cHRvIENBMSQwIgYDVQQDExtN MkNyeXB0byBDZXJ0aWZpY2F0ZSBNYXN0ZXIxHTAbBgkqhkiG9w0BCQEWDm5ncHNA cG9zdDEuY29tMB4XDTAwMDkxMDA5NTEzMFoXDTAyMDkxMDA5NTEzMFowUzELMAkG A1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRIwEAYDVQQDEwlsb2NhbGhvc3Qx HTAbBgkqhkiG9w0BCQEWDm5ncHNAcG9zdDEuY29tMFwwDQYJKoZIhvcNAQEBBQAD SwAwSAJBAKy+e3dulvXzV7zoTZWc5TzgApr8DmeQHTYC8ydfzH7EECe4R1Xh5kwI zOuuFfn178FBiS84gngaNcrFi0Z5fAkCAwEAAaOCAQQwggEAMAkGA1UdEwQCMAAw LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G A1UdDgQWBBTPhIKSvnsmYsBVNWjj0m3M2z0qVTCBpQYDVR0jBIGdMIGagBT7hyNp 65w6kxXlxb8pUU/+7Sg4AaF/pH0wezELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0y Q3J5cHRvMRQwEgYDVQQLEwtNMkNyeXB0byBDQTEkMCIGA1UEAxMbTTJDcnlwdG8g Q2VydGlmaWNhdGUgTWFzdGVyMR0wGwYJKoZIhvcNAQkBFg5uZ3BzQHBvc3QxLmNv bYIBADANBgkqhkiG9w0BAQQFAAOBgQA7/CqT6PoHycTdhEStWNZde7M/2Yc6BoJu VwnW8YxGO8Sn6UJ4FeffZNcYZddSDKosw8LtPOeWoK3JINjAk5jiPQ2cww++7QGG /g5NDjxFZNDJP1dGiLAxPW6JXwov4v0FmdzfLOZ01jDcgQQZqEpYlgpuI5JEWUQ9 Ho4EzbYCOaEAMQA= -----END PKCS7----- t X509ExtTestscBseZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZRS(s4 Tests for L{OpenSSL.crypto.X509Extension}. cCst|_|jjtdt|_|jj|jd|jj_t |_ |j j|_ |jjj|j _|j j |j |j j|jt jjd}t jtddjd}|j j||j j|dS(s Create a new private key and start a certificate request (for a test method to finish in one way or another). is Yoda root CAs %Y%m%d%H%M%SZtdaysidN(Rtpkeyt generate_keyRR treqt set_pubkeyt get_subjectt commonNameR tx509tsubjectt set_issuerRtnowtstrftimeRt set_notBeforet set_notAfter(tselfR.texpire((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytsetUps   "cCs-|jtt|jtddtddS(s L{X509Extension} and L{X509ExtensionType} refer to the same type object and can be used to create instances of that type. RtbasicConstraintssCA:trueN(tassertIdenticalRRtassertConsistentTypetTrue(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_typescCstdtd}|jt|td|t|tftdtd}|jt|td|t|tfdS(s L{X509Extension} accepts an extension type name, a critical flag, and an extension value and returns an L{X509ExtensionType} instance. R5sCA:trues%r is of type %r, should be %rt nsCommentspyOpenSSL unit testN(RR8t assertTruet isinstanceRttypetFalse(R2tbasictcomment((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_construction s  cCsO|jttdtd|jttdtd|jttdtddS(sj L{X509Extension} raises something if it is passed a bad extension name or value. t thisIsMadeUpthiR5s blah blaht proxyCertInfos4language:id-ppl-anyLanguage,pathlen:1,policy:text:ABN(t assertRaisesRRR>R8(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_invalid_extensions cCsNtdtd}|j|jtdtd}|j|jdS(so L{X509ExtensionType.get_critical} returns the value of the extension's critical flag. R5sCA:trueN(RR8R;t get_criticalR>t assertFalse(R2text((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_get_critical1scCsTtdtd}|j|jdtdtd}|j|jddS(s{ L{X509ExtensionType.get_short_name} returns a string giving the short type name of the extension. R5sCA:trueR:sfoo barN(RR8t assertEqualtget_short_name(R2RI((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_get_short_name<scCstdtdd|j}|jj|g|jj|jdtt|j}|jd|k|jd|kdS(s The C{subject} parameter to L{X509Extension} may be provided for an extension which does not use it and is ignored in this case. R5sCA:TRUER,tsha1sX509v3 Basic Constraints:N( RR>R+tadd_extensionstsignR%RRR;(R2text1ttext((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_unused_subjectGs cCsmtdtdd|j}|jj|g|jj|jdtt|j}|jd|kdS(s~ If an extension requires a subject, the C{subject} parameter to L{X509Extension} provides its value. tsubjectKeyIdentifierthashR,RNsX509v3 Subject Key Identifier:N( RR>R+RORPR%RRR;(R2text3RR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_subjectUs cCs|jttdtddS(s If an extension requires a subject and the C{subject} parameter is given no value, something happens. RTRUN(RERRR>(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_missing_subjectasc CsFx?ttdg|gD]%}|jttdtdd|qWdS(s If the C{subject} parameter is given a value which is not an L{X509} instance, L{TypeError} is raised. thelloR5sCA:TRUER,N(R8tobjectREt TypeErrorRR>(R2tbadObj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_invalid_subjectjs cCstdtdd|j}|jj|g|jj|jdtt|j}|jd|k|jd|kdS(s The C{issuer} parameter to L{X509Extension} may be provided for an extension which does not use it and is ignored in this case. R5sCA:TRUEtissuerRNsX509v3 Basic Constraints:N( RR>R+RORPR%RRR;(R2RQRR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_unused_issuervs cCstdtdd|j}|jj|g|jj|jdtt|j}|jd|k|jd|kdS(s| If an extension requires a issuer, the C{issuer} parameter to L{X509Extension} provides its value. tauthorityKeyIdentifiers issuer:alwaysR^RNs X509v3 Authority Key Identifier:sDirName:/CN=Yoda root CAN( RR>R+RORPR%RRR;(R2text2RR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_issuers  cCs|jttdtddS(s} If an extension requires an issue and the C{issuer} parameter is given no value, something happens. R`skeyid:always,issuer:alwaysN(RERRR>(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_missing_issuersc CsFx?ttdg|gD]%}|jttdtdd|qWdS(s If the C{issuer} parameter is given a value which is not an L{X509} instance, L{TypeError} is raised. RYR`skeyid:always,issuer:alwaysR^N(R8RZRER[RR>(R2R\((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_invalid_issuers  (t__name__t __module__t__doc__R4R9RARFRJRMRSRWRXR]R_RbRcRd(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR#s      t PKeyTestscBsMeZdZdZdZdZdZdZdZdZ RS(s0 Unit tests for L{OpenSSL.crypto.PKey}. cCs$|jtt|jtddS(s L{PKey} and L{PKeyType} refer to the same type object and can be used to create instances of that type. RN(R6RRR7(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9scCsL|jttdt}|jt|td|t|tfdS(sP L{PKey} takes no arguments and returns a new L{PKey} instance. s%r is of type %r, should be %rN(RER[RtNoneR;R<RR=(R2tkey((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRAs   cCs9t}|j|jd|j|jddS(sh L{PKeyType.bits} and L{PKeyType.type} return C{0} before the key is generated. iN(RRKR=tbits(R2Rj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_pregenerations cCst}|jt|j|jt|jddd|jt|jdd|jt|jdd|jt|jtd|jt|jtddS( ss L{PKeyType.generate_key} takes two arguments, the first giving the key type as one of L{TYPE_RSA} or L{TYPE_DSA} and the second giving the number of bits to generate. If an invalid type is specified or generation fails, L{Error} is raised. If an invalid number of bits is specified, L{ValueError} or L{Error} is raised. iiitfootbariiN(RRER[R&Rt ValueErrorR(R2Rj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_failedGenerations cCsOd}t}|jt||j|jt|j|j|dS(s L{PKeyType.generate_key} generates an RSA key when passed L{TYPE_RSA} as a type and a reasonable number of bits. iN(RR&RRKR=Rk(R2RkRj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_rsaGenerations  cCsOd}t}|jt||j|jt|j|j|dS(s L{PKeyType.generate_key} generates a DSA key when passed L{TYPE_DSA} as a type and a reasonable number of bits. iN(RR&RRKR=Rk(R2RkRj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_dsaGenerations  cCsrt}xbtdftdfgD]H\}}|j|||j|j||j|j|q"WdS(su L{PKeyType.generate_key} can be called multiple times on the same key to generate new keys. ii@N(RRRR&RKR=Rk(R2RjR=Rk((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_regeneration s  %( ReRfRgR9RARlRpRqRrRs(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRhs # t X509NameTestscBs_eZdZdZdZdZdZdZdZdZ dZ d Z RS( s4 Unit tests for L{OpenSSL.crypto.X509Name}. cKsVtj}|j}|jdx$|D]\}}t|||q2W|S(NcSs%|\}}|\}}t||S(N(tcmp(t.0t.1tk1tv1tk2tv2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt!s(R R)titemstsorttsetattr(R2tattrstnametktv((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt _x509names  cCsu|jtt|jtjd|jttt|j}|jt|td|t|tfdS(sB The type of X509Name objects is L{X509NameType}. R s%r is of type %r, should be %rN( R6R R RKReR;R<R=R(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9's  cCs|j}d|_|j|jd|j|jdd|_|j|jd|j|jdd|_|j|jd|j|jdd|_|j|jd|j|jddS(si L{X509NameType} instances have attributes for each standard (?) X509Name field. RmtbazRntquuxN(RR*RKtCN(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_attributes6s     cCs|jdddd}t|}|j|jd|j|jdd|_|j|jdd|_|j|jddS(s L{X509Name} creates a new L{X509NameType} instance with all the same attributes as an existing L{X509NameType} instance when called with one. R*Rmt emailAddresssbar@example.comRsquux@example.comN(RR RKR*R(R2Rtcopy((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_copyJs   cCs2|jdddd}|jt|ddS(s L{repr} passed an L{X509NameType} instance should return a string containing a description of the type and the NIDs which have been set on it. R*RmRRns,N(RRKtrepr(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_repr_s csdfd}j}||||jj|jddjdd|jddjdd|jddddjddddfd }|jddjdd|jddjddd fd }|jdd jdd fd}|jdd jdd dS(sO L{X509NameType} instances should compare based on their NIDs. cSsQ|||kd||f|||k|||k|||kdS(Ns(%r == %r) --> False((tatbR;RH((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt _equalityoscs||jjdS(N(R;RH(RR(RR2(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRKusR*RmRtorganizationalUnitNameRntOUcs||jjdS(N(RHR;(RR(RR2(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytassertNotEqualscSs|||k|||k|||k|||k|||k|||k|||k|||kdS(N((RRR;RH((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt _inequalityscs||jjdS(N(R;RH(RR(RR2(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytassertLessThanstabctdefcs||jjdS(N(RHR;(RR(RR2(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytassertGreaterThansN(R(R2RKRRRR((RRR2sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_comparisonks.    cCsi|jdd}|jdd}|j|j|jd|_|j|j|jdS(sb L{X509Name.hash} returns an integer hash based on the value of the name. RRmRnN(RRKRURR(R2RR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_hashs  cCs2|jdddd}|j|jddS(sK L{X509Name.der} returns the DER encoded form of the name. RRmtCtUSs01 0 UUS1 0 UfooN(RRKtder(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_ders cCsm|j}|j|jgd|_|j|jdgd|_|j|jddgdS( s L{X509Name.get_components} returns a C{list} of two-tuples of C{str} giving the NIDs and associated values which make up the name. RmRRnRN(RRm(RRm(RRn(RRKtget_componentsRR(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_get_componentss    ( ReRfRgRR9RRRRRRR(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRts    K t_PKeyInteractionTestsMixincBs)eZdZdZdZdZRS(s7 Tests which involve another thing and a PKey. cCs tdS(s[ Return something with a C{set_pubkey}, C{set_pubkey}, and C{sign} method. N(tNotImplementedError(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytsignablescCs2|j}t}|jt|j|ddS(sY L{X509Req.sign} raises L{ValueError} when pass a L{PKey} with no parts. tMD5N(RRRERoRP(R2trequestRj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_signWithUngenerateds  cCs[|j}t}|jtd|j||j}|jt|j|ddS(s{ L{X509Req.sign} raises L{ValueError} when pass a L{PKey} with no private part as the signing key. iRN( RRR&RR(t get_pubkeyRERoRP(R2RRjtpub((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_signWithPublicKeys     (ReRfRgRRR(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRs  t X509ReqTestscBs;eZdZdZdZdZdZdZRS(s. Tests for L{OpenSSL.crypto.X509Req}. cCstS(s5 Create and return a new L{X509Req}. (R (R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRscCs$|jtt|jtddS(s L{X509Req} and L{X509ReqType} refer to the same type object and can be used to create instances of that type. R N(R6R RR7(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9 scCs9t}|jt|td|t|tfdS(sW L{X509Req} takes no arguments and returns an L{X509ReqType} instance. s%r is of type %r, should be %rN(R R;R<RR=(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRAs  cCsit}|j|jd|jd|j|jd|jd|j|jddS(s L{X509ReqType.set_version} sets the X.509 version of the certificate request. L{X509ReqType.get_version} returns the X.509 version of the certificate request. The initial value of the version is 0. iiiN(R RKt get_versiont set_version(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_versions    cCst}|j}|jt|td|t|tfd|_|j|jjd~d|_|j|jddS(s L{X509ReqType.get_subject} returns an L{X509Name} for the subject of the request and which is valid even after the request object is otherwise dead. s%r is of type %r, should be %rRmRnN(R R)R;R<R R=R*RK(R2RR,((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_get_subject*s     (ReRfRgRR9RARR(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRs   t X509TestscBsreZdZeeZdZdZdZdZ dZ dZ dZ dZ d Zd ZRS( s+ Tests for L{OpenSSL.crypto.X509}. cCstS(s2 Create and return a new L{X509}. (R (R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRCscCs$|jtt|jtddS(s L{X509} and L{X509Type} refer to the same type object and can be used to create instances of that type. R N(R6R R R7(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9JscCst}|jt|td|t|tf|jttjd|jt|jd|jt|t|jt|tdS(sT L{X509} takes no arguments and returns an instance of L{X509Type}. s%r is of type %r, should be %rR=R N(R R;R<R R=RKRe(R2t certificate((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRASs    cCst}|jt|j|jt|jdd|jt|jd|jt|jd|j|jd|jd|j|jd|jd |j|jd |jd|j|jd|jd|j|jdd S(s The serial number of an L{X509Type} can be retrieved and modified with L{X509Type.get_serial_number} and L{X509Type.set_serial_number}. iit1g@ii i@iNIIIIlllll l l l (R RER[tset_serial_numberRKtget_serial_number(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_serial_numbercs     cCst}t|d|}t|d|}|j|dd}|||j||d}|||j||d}|||j|||jt|ddS(s L{X509Type.set_notBefore} takes a string in the format of an ASN1 GENERALIZEDTIME and sets the beginning of the certificate's validity period to it. tset_nottget_nott20040203040506Zs20040203040506+0530s20040203040506-0115sfoo barN(R tgetattrRKRiRERo(R2twhichRtsettgettwhen((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt _setBoundTestxs    cCs|jddS(s L{X509Type.set_notBefore} takes a string in the format of an ASN1 GENERALIZEDTIME and sets the beginning of the certificate's validity period to it. tBeforeN(R(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_set_notBeforescCs|jddS(s L{X509Type.set_notAfter} takes a string in the format of an ASN1 GENERALIZEDTIME and sets the end of the certificate's validity period to it. tAfterN(R(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_set_notAfterscCs,tt|j}|j|jddS(s L{X509Type.get_notBefore} returns a string in the format of an ASN1 GENERALIZEDTIME even for certificates which store it as UTCTIME internally. t20090325123658ZN(RRtpemDataRKt get_notBefore(R2tcert((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_get_notBeforescCs,tt|j}|j|jddS(s L{X509Type.get_notAfter} returns a string in the format of an ASN1 GENERALIZEDTIME even for certificates which store it as UTCTIME internally. t20170611123658ZN(RRRRKt get_notAfter(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_get_notAfterscCs&t}|j|jdddS(s L{X509.digest} returns a string giving ":"-separated hex-encoded words of the digest of the certificate. tmd5s/A8:EB:07:F8:53:25:0A:F2:56:05:C5:A5:C4:C4:C7:15N(R RKtdigest(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_digests  (ReRfRgtcleartextCertificatePEMtcleartextPrivateKeyPEMRRR9RARRRRRRR(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR=s     t PKCS12TestscBseZdZeeZdZdZdZdZ dZ dddddZ ddddddZ d Zd Zd Zd Zd ZdZdZdZdZdZdZRS(sN Test for L{OpenSSL.crypto.PKCS12} and L{OpenSSL.crypto.load_pkcs12}. cCs$|jtt|jtddS(s1 L{PKCS12Type} is a type object. RN(R6RRR7(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9scCset}|jd|j|jd|j|jd|j|jd|jdS(s L{PKCS12} returns a new instance of L{PKCS12} with no certificate, private key, CA certificates, or friendly name. N(RRKRitget_certificatetget_privatekeytget_ca_certificatestget_friendlyname(R2tp12((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_empty_constructions  cCs$t}|jt|jd|jt|jt|jt|jt|jt|jd|jt|jd|jt|jt|jt|jd|jt|jt|jt|jd|jt|jtf|jt|jd|jt|jd dS( s The L{PKCS12} setter functions (C{set_certificate}, C{set_privatekey}, C{set_ca_certificates}, and C{set_friendlyname}) raise L{TypeError} when passed objects of types other than those expected. itlegboneiiRmRnN(ii(RmRn( RRER[tset_certificateRR tset_privatekeytset_ca_certificatestset_friendlyname(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_type_errorss cCsd}t}ttt}|j||jd|j|j||jy"|j d|dddd}Wnt k rdSXt ||}|jd|j |jd|j|j t|jttdfdS(s A L{PKCS12} with only a private key can be exported using L{PKCS12.export} and loaded again using L{load_pkcs12}. tblaht passphrasetiteritmaciteriN(RRRRRRKRiRRtexportRRRR;R<RR=(R2tpasswdRR%t dumped_p12((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_key_onlys  " cCsd}t}ttt}|j||j||j|jd|jy"|j d|dddd}Wnt k rdSXt ||}|jd|j|j t |jttdf|jttt|jddS( s A L{PKCS12} with only a certificate can be exported using L{PKCS12.export} and loaded again using L{load_pkcs12}. RRRiRiNi(RRRRRRKRRiRRRRR;R<R R=RR(R2RRRR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_cert_onlys   " (cCst}|r:|jtt|}|j|dn|rk|jtt|}|j|dn|r|jtt|f}|j|dn|r|j |}|j|dn|S(sx Generate a PKCS12 object with components from PEM. Verify that the set functions return None. N( RRRRRKRiRRRR(R2tcert_pemtkey_pemtca_pemt friendly_nameRtret((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt gen_pkcs127s tc Cs|rFt|ddddd||}|j|t| |n|rt|ddddd|d|}|j|t| |n|rt|ddddd|d|}|j|t| |nd S( so Use openssl program to confirm three components are recoverable from a PKCS12 string. tpkcs12s-nocertss-nodess-passinspass:s-clcertss-nokeyss-cacertsN(t _runopensslRKtlen( R2tp12_strRjRtcaRtextrat recovered_keytrecovered_cert((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytcheck_recoveryLscCsd}tt}t|ddddd|}t||}|jt|ttt|j }|j |tt t|j }|j |t|j d|jdS(s A PKCS12 string generated using the openssl command line can be loaded with L{load_pkcs12} and its components extracted and examined. twhateverRs-exports-clcertss-passoutspass:N(tclient_key_pemtclient_cert_pemRRR;R<RRRRRKRRRiR(R2RtpemRRRR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_load_pkcs12cs cCs\d}|jttd|}|j|dddd|jt|ddddS(sx L{load_pkcs12} raises L{OpenSSL.crypto.Error} when passed a string which is not a PKCS12 dump. Rs fruit loopsisasn1 encoding routinesiN(RERRRKR(R2Rte((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_load_pkcs12_garbagevscCs |jttt}|jttt|jt tt ttt}ttt}|j |g|j dt |j|j ||jd|j ||g|j dt |j|j ||jd|j ||jddS(s L{PKCS12.set_certificate} replaces the certificate in a PKCS12 cluster. L{PKCS12.set_privatekey} replaces the private key. L{PKCS12.set_ca_certificates} replaces the CA certificates. iiiN(RRRt root_cert_pemRRRtserver_cert_pemRRtserver_key_pemRRKRR(R2Rt root_certt client_cert((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt test_replacesc Csd}|jttt}xdd dgD]}|j||j|j||jd|dddd}t ||}|j|j|j|j |d td td td |q+Wd S(s The I{friendlyName} of a PKCS12 can be set and retrieved via L{PKCS12.get_friendlyname} and L{PKCS12_set_friendlyname}, and a L{PKCS12} with a friendly name set can be dumped with L{PKCS12.export}. s$Dogmeat[]{}!@#$%^&*()~`?/.,<>-_+=";:t Serverliciouss###RRiRiRjRRRN( RRRRRiRRKRRRR(R2RRRRt reloaded_p12((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_friendly_names c Cs|jttt}d}|jddddd|}|jdddddd}|jdddd }x<|||gD]+}|j|d td td td |qWdS(sf Test that missing, None, and '' passphrases are identical for PKCS12 export. RRiRiRii iRjRRRN(RRRRRRiR(R2RRtdumped_p12_emptytdumped_p12_nonetdumped_p12_nopwR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_various_empty_passphrasesscCs<|jttt}|jd|jd|jdS(sg Passing C{None} to L{PKCS12.set_ca_certificates} removes all CA certificates. N(RRRRRRiRKR(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_removing_ca_certs c Csbd}|jttt}|jddd|dd}|j|dtdtd |d d d S(sb Exporting a PKCS12 with a C{maciter} of C{-1} excludes the MAC entirely. s Lake MichiganRiRRiRjRRRs -nomacverN(s -nomacver(RRRRRR(R2RRR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_export_without_macs cCszd}|jttt}|jddd|dd}y)t||}|jt|tWnt k runXdS(sQ Loading a PKCS12 without a MAC does something other than crash. s Lake MichiganRiRRiN( RRRRRRR;R<RR(R2RRRt recovered_p12((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_load_without_macs cCsvd}|jtt}|jg|jd |j|jd|dd}|j|dtdtd|dS( sN A PKCS12 with an empty CA certificates list can be exported. sHobie 18RRiRjRRN((RRRRRKRRR(R2RRR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_zero_len_list_for_cas cCsD|jttt}|j}|j|dtdtdddS(sE All the arguments to L{PKCS12.export} are optional. RjRRRN(RRRRRR(R2RR((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_export_without_argss cCs,|jttt}|jt|jdS(sc L{PKCS12.export} raises an exception when a key and certificate mismatch. N(RRRRRERR(R2R((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_key_cert_mismatchsN((ReRfRgRRRR9RRRRRiRRRRRRRR R R R RR(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRs*     #         s(\\*)"s(\\+)\ZcCs&tjdtjd|}d|S(s< Internal method for quoting a single command-line argument. @type: C{str} @param s: A single unquoted string to quote for something that is expecting cmd.exe-style quoting @rtype: C{str} @return: A cmd.exe-style quoted string @see: U{http://www.perlmonks.org/?node_id=764004} s\1\1s\1\1\\"s"%s"(t_cmdLineQuoteRe2tsubt_cmdLineQuoteRe(ts((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt cmdLineQuotes cCsdjtt|S(s Quote an iterable of command-line arguments for passing to CreateProcess or a similar API. This allows the list passed to C{reactor.spawnProcess} to match the child process's C{sys.argv} properly. @type arguments: C{iterable} of C{str} @param arguments: An iterable of unquoted arguments to quote @rtype: C{str} @return: A space-delimited string containing quoted versions of L{arguments} t (tjointmapR(t arguments((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytquoteArguments s cGstjdkrKddjg|D]}d|jddf^q}ndt|}t|d\}}|j||j|jS(s Run the command line openssl tool with the given arguments and write the given PEM to its stdin. Not safe for quotes. tposixsopenssl Rs'%s't's'\''R( tosRRtreplaceRRtwritetclosetread(RtargstargtcommandRR ((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR/s<  t FunctionTestscBsheZdZdZdZdZdZdZdZdZ dZ d Z d Z RS( sC Tests for free-functions in the L{OpenSSL.crypto} module. cCs|jttttddS(s L{load_privatekey} raises L{OpenSSL.crypto.Error} when it is passed an encrypted PEM and an incorrect passphrase. tquackN(RERRRtencryptedPrivateKeyPEM(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt$test_load_privatekey_wrongPassphraseCscCs,tttt}|jt|tdS(s~ L{load_privatekey} can create a L{PKey} object from an encrypted PEM string if given the passphrase. N(RRR&t encryptedPrivateKeyPEMPassphraseR;R<R(R2Rj((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_load_privatekey_passphraseMs cs?gfd}|jtttt||jdS(s L{load_privatekey} raises L{OpenSSL.crypto.Error} when it is passed an encrypted PEM and a passphrase callback which returns an incorrect passphrase. csjddS(NR%(tappendRi(R(tcalled(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pytcb_s N(RERRRR&R;(R2R,((R+sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt,test_load_privatekey_wrongPassphraseCallbackXs csTgfd}ttt|}|jt|t|jtgdS(s L{load_privatekey} can create a L{PKey} object from an encrypted PEM string if given a passphrase callback which returns the correct password. csj|tS(N(R*R((twriting(R+(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR,ns N(RRR&R;R<RRKR>(R2R,Rj((R+sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt'test_load_privatekey_passphraseCallbackgs cCsd}ttt}tt|d|}|jt|ttt||}|jt|t|j|j |j |j|j |j dS(sU L{dump_privatekey} writes an encrypted PEM when given a passphrase. RmtblowfishN( RRRRR;R<tstrRRKR=Rk(R2RRjRt loadedKey((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_dump_privatekey_passphrasevsc Cstt}tt|}tt|}|j|ttt|}t|ddd}|j||tt|}tt|}|j|ttt|}t|ddd} |j|| dS(s@ L{dump_certificate} writes PEM, DER, and text. R+s-outformtDERs-noouts-textN( RRRRRRKRRR( R2RRt dumped_pemt dumped_dertgood_dertcert2t dumped_pem2t dumped_textt good_text((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_dump_certificates c Csttt}tt|}|j|ttt|}t|ddd}|j||tt|}tt|}|j|ttt|}t|ddd}|j||dS(sA L{dump_privatekey} writes a PEM, DER, and text. trsas-outformR4s-noouts-textN(RRRRRKRRR( R2RjR5R6R7tkey2R9R:R;((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_dump_privatekeysc Csttt}tt|}|j|ttt|}t|ddd}|j||tt|}tt|}|j|ttt|}t|ddd}|j||dS(sJ L{dump_certificate_request} writes a PEM, DER, and text. R's-outformR4s-noouts-textN(RRtcleartextCertificateRequestPEMRRKRRR( R2R'R5R6R7treq2R9R:R;((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_dump_certificate_requestscsdgfd}ttt}tt|d|}|jt|t|jtgtt|}|jt|t |j|j |j |j|j |j dS(s L{dump_privatekey} writes an encrypted PEM when given a callback which returns the correct passphrase. Rmcsj|S(N(R*(R.(R+R(sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR,s R0N( RRRRR;R<R1RKR8RR=Rk(R2R,RjRR2((R+RsK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyt'test_dump_privatekey_passphraseCallbackscCs)ttt}|jt|tdS(sm L{load_pkcs7_data} accepts a PKCS#7 string and returns an instance of L{PKCS7Type}. N(RRt pkcs7DataR;R<R(R2tpkcs7((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyttest_load_pkcs7_datas( ReRfRgR'R)R-R/R3R<R?RBRCRF(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR$?s       t PKCS7TestscBseZdZdZRS(s! Tests for L{PKCS7Type}. cCs-|jttt|jtjddS(s0 L{PKCS7Type} is a type object. tPKCS7N(R;R<RR=RKRe(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9s(ReRfRgR9(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRGstNetscapeSPKITestscBs eZdZdZdZRS(s3 Tests for L{OpenSSL.crypto.NetscapeSPKI}. cCs$|jtt|jtddS(s L{NetscapeSPKI} and L{NetscapeSPKIType} refer to the same type object and can be used to create instances of that type. RN(R6RR R7(R2((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyR9scCs#t}|jt|tdS(sM L{NetscapeSPKI} returns an instance of L{NetscapeSPKIType}. N(RR;R<R (R2tnspki((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRAs (ReRfRgR9RA(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyRIs t__main__(ERgtunittestRRtreRRRtOpenSSL.cryptoRRRRRR R R R R RRRRRRRRRRRRRRRRRRR tOpenSSL.test.utilR!Rt root_key_pemRRRRRRR@R&R(RDR#RhRtRRRRtcompileRRRRRR$RGRIRe(((sK/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_crypto.pyts\("m"?C